From: Andreas Schwab <schwab@redhat.com>
To: libc-hacker@sourceware.org
Subject: [PATCH] Fix memory leak in dlopen with RTLD_NOLOAD
Date: Wed, 23 Feb 2011 15:05:00 -0000 [thread overview]
Message-ID: <m3r5ayeqqj.fsf@redhat.com> (raw)
2011-02-23 Andreas Schwab <schwab@redhat.com>
[BZ #12509]
* elf/dl-load.c (_dl_map_object_from_fd): Free realname before
returning unsuccessfully.
* elf/Makefile ($(objpfx)noload-mem): New rule.
(noload-ENV): Define.
(tests): Add $(objpfx)noload-mem.
* elf/noload.c: Include <memcheck.h>.
(main): Call mtrace. Close all opened handles.
---
elf/Makefile | 6 +++++-
elf/dl-load.c | 2 ++
elf/noload.c | 22 ++++++++++++++++------
3 files changed, 23 insertions(+), 7 deletions(-)
diff --git a/elf/Makefile b/elf/Makefile
index b8a218d..051d4fb 100644
--- a/elf/Makefile
+++ b/elf/Makefile
@@ -216,7 +216,7 @@ ifeq (no,$(cross-compiling))
ifeq (yesyes,$(have-fpie)$(build-shared))
tests: $(objpfx)tst-pie1.out
endif
-tests: $(objpfx)tst-leaks1-mem
+tests: $(objpfx)tst-leaks1-mem $(objpfx)noload-mem
endif
tlsmod17a-suffixes = 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
tlsmod18a-suffixes = 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
@@ -688,6 +688,10 @@ $(objpfx)noload: $(objpfx)testobj1.so $(common-objpfx)dlfcn/libdl.so
LDFLAGS-noload = -rdynamic
$(objpfx)noload.out: $(objpfx)testobj5.so
+$(objpfx)noload-mem: $(objpfx)noload.out
+ $(common-objpfx)malloc/mtrace $(objpfx)noload.mtrace > $@
+noload-ENV = MALLOC_TRACE=$(objpfx)noload.mtrace
+
LDFLAGS-nodelete = -rdynamic
LDFLAGS-nodelmod1.so = -Wl,--enable-new-dtags,-z,nodelete
LDFLAGS-nodelmod4.so = -Wl,--enable-new-dtags,-z,nodelete
diff --git a/elf/dl-load.c b/elf/dl-load.c
index e9e3876..8ac0a7c 100644
--- a/elf/dl-load.c
+++ b/elf/dl-load.c
@@ -894,6 +894,7 @@ _dl_map_object_from_fd (const char *name, int fd, struct filebuf *fbp,
{
/* We are not supposed to load the object unless it is already
loaded. So return now. */
+ free (realname);
__close (fd);
return NULL;
}
@@ -912,6 +913,7 @@ _dl_map_object_from_fd (const char *name, int fd, struct filebuf *fbp,
_dl_zerofd = _dl_sysdep_open_zero_fill ();
if (_dl_zerofd == -1)
{
+ free (realname);
__close (fd);
_dl_signal_error (errno, NULL, NULL,
N_("cannot open zero fill device"));
diff --git a/elf/noload.c b/elf/noload.c
index 9281ec7..807e1c4 100644
--- a/elf/noload.c
+++ b/elf/noload.c
@@ -1,20 +1,28 @@
#include <dlfcn.h>
#include <stdio.h>
+#include <mcheck.h>
int
main (void)
{
int result = 0;
+ void *p, *q;
+
+ mtrace ();
/* First try to load an object which is a dependency. This should
succeed. */
- if (dlopen ("testobj1.so", RTLD_LAZY | RTLD_NOLOAD) == NULL)
+ p = dlopen ("testobj1.so", RTLD_LAZY | RTLD_NOLOAD);
+ if (p == NULL)
{
printf ("cannot open \"testobj1.so\": %s\n", dlerror ());
result = 1;
}
else
- puts ("loading \"testobj1.so\" succeeded, OK");
+ {
+ puts ("loading \"testobj1.so\" succeeded, OK");
+ dlclose (p);
+ }
/* Now try loading an object which is not already loaded. */
if (dlopen ("testobj5.so", RTLD_LAZY | RTLD_NOLOAD) != NULL)
@@ -25,8 +33,6 @@ main (void)
else
{
/* Load the object and run the same test again. */
- void *p;
-
puts ("\"testobj5.so\" wasn't loaded and RTLD_NOLOAD prevented it, OK");
p = dlopen ("testobj5.so", RTLD_LAZY);
@@ -41,13 +47,17 @@ main (void)
{
puts ("loading \"testobj5.so\" succeeded, OK");
- if (dlopen ("testobj5.so", RTLD_LAZY | RTLD_NOLOAD) == NULL)
+ q = dlopen ("testobj5.so", RTLD_LAZY | RTLD_NOLOAD);
+ if (q == NULL)
{
printf ("cannot open \"testobj5.so\": %s\n", dlerror ());
result = 1;
}
else
- puts ("loading \"testobj5.so\" with RTLD_NOLOAD succeeded, OK");
+ {
+ puts ("loading \"testobj5.so\" with RTLD_NOLOAD succeeded, OK");
+ dlclose (q);
+ }
if (dlclose (p) != 0)
{
--
1.7.4
--
Andreas Schwab, schwab@redhat.com
GPG Key fingerprint = D4E8 DBE3 3813 BB5D FA84 5EC7 45C6 250E 6F00 984E
"And now for something completely different."
reply other threads:[~2011-02-23 15:05 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m3r5ayeqqj.fsf@redhat.com \
--to=schwab@redhat.com \
--cc=libc-hacker@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).